Diffstat (limited to 'crypto/userspace/ncr-int.h')
-rw-r--r-- | crypto/userspace/ncr-int.h | 148 |
1 files changed, 98 insertions, 50 deletions
diff --git a/crypto/userspace/ncr-int.h b/crypto/userspace/ncr-int.h
index 8574b5ace57..5e40e204512 100644
--- a/crypto/userspace/ncr-int.h
+++ b/crypto/userspace/ncr-int.h
@@ -1,6 +1,7 @@
 #ifndef NCR_INT_H
 # define NCR_INT_H
+#include <linux/compat.h>
 #include <linux/idr.h>
 #include <linux/mutex.h>
 #include <linux/ncr.h>
@@ -14,9 +15,33 @@
 #define err() printk(KERN_DEBUG"ncr: %s: %s: %d\n", __FILE__, __func__, __LINE__)
+struct nlattr;
+struct ncr_out;
+
+// Not all known algorithms - only for quick internal identification. Note
+// that more than one struct algo_properties_st may share the same enum value!
+enum ncr_algorithm {
+ NCR_ALG_NONE__,
+ NCR_ALG_NULL,
+
+ NCR_ALG_3DES_CBC,
+
+ NCR_ALG_MD5,
+ NCR_ALG_SHA1,
+ NCR_ALG_SHA2_224,
+ NCR_ALG_SHA2_256,
+ NCR_ALG_SHA2_384,
+ NCR_ALG_SHA2_512,
+
+ NCR_ALG_RSA,
+ NCR_ALG_DSA,
+ NCR_ALG_DH,
+};
+
 struct algo_properties_st {
- ncr_algorithm_t algo;
+ enum ncr_algorithm algo;
 const char *kstr;
+ size_t kstr_len;
 unsigned needs_iv:1;
 unsigned is_hmac:1;
 unsigned can_sign:1;
@@ -25,6 +50,7 @@ struct algo_properties_st {
 unsigned can_kx:1; /* key exchange */
 unsigned is_symmetric:1;
 unsigned is_pk:1;
+ unsigned has_transparent_hash:1;
 int digest_size;
 /* NCR_KEY_TYPE_SECRET if for a secret key algorithm or MAC,
 * NCR_KEY_TYPE_PUBLIC for a public key algorithm.
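Review bot: The new `kstr_len` field in `struct algo_properties_st` is undocumented and has to be kept in step with `kstr` by hand in every table entry; if a lookup compares caller-supplied bytes against `kstr` using this length (the lookup is not visible here), a stale value would mis-match or read past the string. I would add `/* strlen(kstr), excluding the terminating NUL */` beside it, or whatever the real convention is, and derive the value from the literal rather than typing a number. The same gap applies to `has_transparent_hash` in the following hunk, which needs a one-line comment like the `/* key exchange */` on `can_kx`. Because the enum comment says several entries may share one `enum ncr_algorithm` value, it is also worth stating on `algo` that it must not be treated as a unique key. The struct body continues outside both hunks.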
@@ -32,32 +58,6 @@ struct algo_properties_st {
 ncr_key_type_t key_type;
 };
-struct session_item_st {
- const struct algo_properties_st *algorithm;
- ncr_crypto_op_t op;
-
- /* contexts for various options.
- * simpler to have them like that than
- * in a union.
- */
- struct cipher_data cipher;
- struct ncr_pk_ctx pk;
- struct hash_data hash;
-
- struct scatterlist *sg;
- struct page **pages;
- unsigned array_size;
- unsigned available_pages;
- struct mutex mem_mutex; /* down when the
- * values above are changed.
- */
-
- struct key_item_st* key;
-
- atomic_t refcnt;
- ncr_session_t desc;
-};
-
 struct key_item_st {
 /* This object is also not protected from concurrent access. */
@@ -104,21 +104,33 @@ struct ncr_lists {
 void* ncr_init_lists(void);
 void ncr_deinit_lists(struct ncr_lists *lst);
-int ncr_ioctl(struct ncr_lists *lst, unsigned int cmd, unsigned long arg);
+long ncr_ioctl(struct ncr_lists *lst, unsigned int cmd, unsigned long arg);
+long ncr_compat_ioctl(struct ncr_lists *lst, unsigned int cmd,
+ unsigned long arg);
 /* key derivation */
-int ncr_key_derive(struct ncr_lists *lst, void __user* arg);
+int ncr_key_derive(struct ncr_lists *lst, const struct ncr_key_derive *data,
+ struct nlattr *tb[]);
+
+void ncr_key_clear(struct key_item_st* item);
+int ncr_key_update_flags(struct key_item_st *item, const struct nlattr *nla);
 /* key handling */
-int ncr_key_init(struct ncr_lists *lst, void __user* arg);
-int ncr_key_deinit(struct ncr_lists *lst, void __user* arg);
-int ncr_key_export(struct ncr_lists *lst, void __user* arg);
-int ncr_key_import(struct ncr_lists *lst, void __user* arg);
+int ncr_key_init(struct ncr_lists *lst);
+int ncr_key_deinit(struct ncr_lists *lst, ncr_key_t desc);
+int ncr_key_export(struct ncr_lists *lst, const struct ncr_key_export *data,
+ struct nlattr *tb[]);
+int ncr_key_import(struct ncr_lists *lst, const struct ncr_key_import *data,
+ struct nlattr *tb[]);
 void ncr_key_list_deinit(struct ncr_lists *lst);
-int ncr_key_generate(struct ncr_lists *lst, void __user* arg);
-int ncr_key_info(struct ncr_lists *lst, void __user* arg);
-
-int ncr_key_generate_pair(struct ncr_lists *lst, void __user* arg);
+int ncr_key_generate(struct ncr_lists *lst, const struct ncr_key_generate *gen,
+ struct nlattr *tb[]);
+int ncr_key_get_info(struct ncr_lists *lst, struct ncr_out *out,
+ const struct ncr_key_get_info *info, struct nlattr *tb[]);
+
+int ncr_key_generate_pair(struct ncr_lists *lst,
+ const struct ncr_key_generate_pair *gen,
+ struct nlattr *tb[]);
 int ncr_key_get_public(struct ncr_lists *lst, void __user* arg);
 int ncr_key_item_get_read(struct key_item_st**st, struct ncr_lists *lst,
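Review bot: Every converted prototype in this hunk takes `struct nlattr *tb[]` with no length, so the size of the attribute table is an unstated contract between the ioctl dispatcher and each handler; the wrap and session prototypes in the next hunk have the same shape. Since the table is presumably filled from a userspace request, the header should state the bound and the NULL convention once, for example `/* tb[] is indexed by attribute type and has <max attribute type> + 1 entries; an absent attribute is NULL and must be checked before use */`. Separately, `ncr_key_get_public` in the trailing context still has the old `void __user* arg` form; if it is still implemented it should be converted with the others, and if not the prototype should go. `ncr_key_init` no longer has an output argument, so a short comment on what its `int` return carries would help callers.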
@@ -138,21 +150,32 @@ int ncr_limits_add_and_check(uid_t uid, pid_t pid, limits_type_t type);
 void ncr_limits_init(void);
 void ncr_limits_deinit(void);
-int ncr_key_wrap(struct ncr_lists *lst, void __user* arg);
-int ncr_key_unwrap(struct ncr_lists *lst, void __user* arg);
-int ncr_key_storage_wrap(struct ncr_lists *lst, void __user* arg);
-int ncr_key_storage_unwrap(struct ncr_lists *lst, void __user* arg);
+int ncr_key_wrap(struct ncr_lists *lst, const struct ncr_key_wrap *wrap,
+ struct nlattr *tb[]);
+int ncr_key_unwrap(struct ncr_lists *lst, const struct ncr_key_unwrap *wrap,
+ struct nlattr *tb[]);
+int ncr_key_storage_wrap(struct ncr_lists *lst,
+ const struct ncr_key_storage_wrap *wrap,
+ struct nlattr *tb[]);
+int ncr_key_storage_unwrap(struct ncr_lists *lst,
+ const struct ncr_key_storage_unwrap *wrap,
+ struct nlattr *tb[]);
 /* sessions */
-struct session_item_st* ncr_session_new(struct ncr_lists *lst);
-void _ncr_sessions_item_put( struct session_item_st* item);
-struct session_item_st* ncr_sessions_item_get(struct ncr_lists *lst, ncr_session_t desc);
 void ncr_sessions_list_deinit(struct ncr_lists *lst);
-int ncr_session_init(struct ncr_lists* lists, void __user* arg);
-int ncr_session_update(struct ncr_lists* lists, void __user* arg);
-int ncr_session_final(struct ncr_lists* lists, void __user* arg);
-int ncr_session_once(struct ncr_lists* lists, void __user* arg);
+int ncr_session_init(struct ncr_lists *lists,
+ const struct ncr_session_init *session,
+ struct nlattr *tb[]);
+int ncr_session_update(struct ncr_lists *lists,
+ const struct ncr_session_update *op, struct nlattr *tb[],
+ int compat);
+int ncr_session_final(struct ncr_lists *lists,
+ const struct ncr_session_final *op, struct nlattr *tb[],
+ int compat);
+int ncr_session_once(struct ncr_lists *lists,
+ const struct ncr_session_once *once, struct nlattr *tb[],
+ int compat);
 /* master key */
 extern struct key_item_st master_key;
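Review bot: The `int compat` parameter added to `ncr_session_update`, `ncr_session_final` and `ncr_session_once` is an undocumented flag that apparently selects which layout the user-buffer descriptors inside the attributes have. A wrong value would make the kernel read a native descriptor as a 32-bit one or the reverse, so I would declare it `bool compat` and add a comment such as `/* compat: true only when reached through ncr_compat_ioctl(); user buffer descriptors then use the compat_* layouts */`. The helper prototypes in the last hunk (`ncr_session_input_data_from_nla` and the two `ncr_session_output_buffer_*` functions) take the same flag and should change with it.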
@@ -166,7 +189,32 @@ int key_to_storage_data( uint8_t** data, size_t * data_size, const struct key_it
 /* misc helper macros */
-const struct algo_properties_st *_ncr_algo_to_properties(ncr_algorithm_t algo);
-const struct algo_properties_st *ncr_key_params_get_sign_hash(const struct algo_properties_st *algo, struct ncr_key_params_st * params);
+const struct algo_properties_st *_ncr_algo_to_properties(const char *algo);
+const struct algo_properties_st *_ncr_nla_to_properties(const struct nlattr *nla);
+int _ncr_key_get_sec_level(struct key_item_st* item);
+
+/* CONFIG_COMPAT handling */
+
+#ifdef CONFIG_COMPAT
+struct compat_ncr_session_input_data {
+ compat_uptr_t data;
+ compat_size_t data_size;
+};
+
+struct compat_ncr_session_output_buffer {
+ compat_uptr_t buffer;
+ compat_size_t buffer_size;
+ compat_uptr_t result_size_ptr;
+};
+#endif
+
+int ncr_session_input_data_from_nla(struct ncr_session_input_data *dest,
+ const struct nlattr *nla, int compat);
+
+int ncr_session_output_buffer_from_nla(struct ncr_session_output_buffer *dest,
+ const struct nlattr *nla, int compat);
+
+int ncr_session_output_buffer_set_size(const struct ncr_session_output_buffer *dest,
+ size_t size, int compat);
 #endif |
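Review bot: The two `compat_ncr_session_*` structs carry no comment tying them to the native `struct ncr_session_input_data` and `struct ncr_session_output_buffer`, and nothing says how the 32-bit fields are widened. The prototype that needs the most care is `ncr_session_output_buffer_set_size`, which takes a `size_t size` but in compat mode presumably stores it through `result_size_ptr` as a `compat_size_t`; the implementation is outside this diff, so the header should at least document that a value which does not fit is rejected with an error rather than truncated. A comment such as `/* 32-bit layout of struct ncr_session_output_buffer; keep the fields in sync with the native struct */` on each compat struct would cover the first point. `_ncr_algo_to_properties` now takes a bare `const char *`, so its comment should say the string must be NUL-terminated, with `_ncr_nla_to_properties` presumably being the entry point for attribute payloads that may not be.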